Pokki virus. How to remove? (Uninstall guide)

Pokki is the PUP that uses misleading techniques to prevent removal. Use Reimage to locate malicious components and get rid of them faster than with uninstall instructions. A full system scan blocks virus reappearance and prevents traffic to malicious domains.
Download Reimage repair
Download Reimage repair

Questions about Pokki virus

Pokki is a legitimate application developed by SweetLabs, Inc in 2014. It is represented as a tool allowing to search for apps, files, power options, Control Panel features, and other options on Windows 8 and 10 with one click on the Start button. However, currently, most of the reliable AV engines detect it as PUP (Potentially Unwanted Program) or Win32/Pokki, while security experts recommend people to stay away from it. It seems that from a regular browser hijacker that replaces start page and search engine, it developed into a quite aggressive Windows Start Menu promoting misleading apps. Therefore, instead of being called Pokki’s Windows 8 Start Menu, it's referred to as a Pokki update virus.

Summary:

Name

Pokki virus

AV detection name

Win32/Pokki

Type

Adware

Danger level

Medium. The ad-supported applications cannot harm the system or files. However, they can display potentially dangerous content and increase chances to catch a serious computer virus

Pokki[1] is a program created by SweetLabs Inc which allows changing start menu on Windows 8 or 10. With the help of this app, users can simulate mobile app interface. Generally, this application is safe and does not include any malicious features itself. Or rather used to be safe.

Even though it can hardly be described as a malicious virus, it can definitely be described as PUP due to tricky distribution strategy (“Bundling”), as well as highly suspicious behavior.

The program has an official download site where a free download is available. However, most frequently it sneaks into the system unnoticed with the help of freeware.[2] For this reason, users often refer to it as Pokki virus. However, technically speaking, this is not a right term to describe it. It's a potentially unwanted application that can only cause problems while browsing the web. However, it does not mean that these activities should be tolerated.

Users usually learn about Pokki update virus when they unexpectedly receive a notification urging to install available updates for the program they haven’t installed. We have already told that program can get into the system with the help of software bundling strategy which allows infiltrating devices silently.

However, in 2013 the program spread pre-installed on Lenovo computers with Windows 8 operating system.[3] Though Pokki update virus is known as bloatware,[4] and these programs once in a while need to be updated too. Security specialists recommend finding and uninstalling this program instead of updating it.

Various antivirus programs detect this application as Win32/Pokki Virus BrowserModifier, PUP, PUA, and similarly. Based on the latest reports by security experts, it seems that the program is not changing its advertising strategies. Instead of improving its reputation, the company turns Pokki app to a more aggressive. Currently, it may not only install updates for itself automatically, but also download other PUPs alongside its updates or cause browser's redirects to rogue download sites. One of the symptoms indicating that the system is at the risk of PUP infection are pop-ups like that:

Pokki has been updated to the latest version update.

The Start Menu Updated

There's no doubt that you should remove Pokki as soon as it is installed on your machine. It doesn't matter whether you installed it yourself in order to change Windows Start menu interface, or if it arrived in the software bundle, it's important to get rid of it because it might:

deliver an increased amount of ads that might redirect to misleading or even infected websites;

display banners, pop-ups and other types of ads might cover necessary content on the site;

redirect to fraudulent websites once you click on search results, links or it might open new browser tab out of nowhere;

collect information about users.

The developers claim Pokki to be the largest app recommendation platform

Authors of Pokki offers its promotional services to app developers. The developers tell that they have a partnership with computer manufacturers and can promote programs through Windows Start menu, App Store, and Game Arcade. Hence, such description proves that it's an ad-supported program.

Security specialists from LosVirus[5] warn that developers of PUPs or even malicious apps might take advantage of such service. For this reason, we recommend performing Pokki removal immediately. If it arrived on the system in the software bundle, you should use anti-malware software, like Reimage, to get rid of all its related components.

The developers claim Pokki to be the largest app recommendation platformRemove Pokki from WindowsClick 'Start -> Control Panel -> Programs and Features' (if you are 'Windows XP' user, click on 'Add/Remove Programs').Remove Pokki from WindowsIf you are 'Windows 10 / Windows 8' user, then right-click in the lower left corner of the screen. Once 'Quick Access Menu' shows up, select 'Control Panel' and 'Uninstall a Program'.Remove Pokki from WindowsRight click on each of suspicious entries and select 'Uninstall'Remove Pokki from Mac OS XCick 'Go' and select 'Applications'Remove Pokki from Mac OS XClick on every malicious entry and select 'Move to Trash'Remove Pokki from Internet ExplorerClick on menu icon and select 'Manage add-ons'Remove Pokki from Internet ExplorerRight click on each of malicious entries and select 'Disable'Remove Pokki from Internet ExplorerDelete malicious URL, enter your desired domain name and click 'Apply' to save changesReset Internet ExplorerGo to 'Advanced' tab and click on 'Reset' button. Now select 'Delete personal settings' and click on 'Reset' button againRemove Pokki from Microsoft EdgeGo to Settings and select 'Choose what to clear'Remove Pokki from Microsoft EdgeSelect 'Clear' buttonRemove Pokki from Microsoft EdgeOpen the start menu and select 'Task Manager'Remove Pokki from Microsoft EdgeRight-click 'Microsoft Edge' and select 'Go to details'Remove Pokki from Microsoft EdgeSelect 'More details' if 'Go to details' option fails to show upRemove Pokki from Microsoft EdgeFind Microsoft Edge entries and select 'End Task'Remove Pokki from Microsoft EdgeGo to Microsoft Edge folder on your computer, right-click every entry and click 'Delete'Remove Pokki from Microsoft EdgeFind Windows PowerShell, right-click it and select 'Run as administrator'Remove Pokki from Microsoft EdgeCopy and paste a required command and press 'Enter'Remove Pokki from Mozilla FirefoxClick on menu icon and select 'Add-ons'Remove Pokki from Mozilla FirefoxSelect 'Extensions' and look for malicious entries. Click 'Remove' to get rid of each of themReset Mozilla FirefoxClick on menu icon and then on '?'. Select 'Troubleshooting Information'Reset Mozilla FirefoxClick on 'Reset Firefox' button for a couple of timesRemove Pokki from Google ChromeClick on menu icon. Select 'Tools' and 'Extensions'Remove Pokki from Google ChromeLook for malicious entries and delete each of them by clicking on the Trash bin iconRemove Pokki from Google ChromeWhen in 'Settings', select 'Manage search engines...'Remove Pokki from Google ChromeClick 'X' to remove malicious URLsReset Google ChromeWhen in 'Settings', scroll down to 'Reset browser settings' button and click on itReset Google ChromeClick on 'Reset' button to complete your removalRemove Pokki from SafariClick on 'Safari' and select 'Preferences'Remove Pokki from SafariGo to 'Extensions' and uninstall malicious add-onsReset SafariClick on 'Safari' and select 'Reset Safari...'Reset SafariSelect all options and click on 'Reset' button

Slide 1 of 33

Suspicious data tracking tendencies

Before using any program, it's important to read privacy policy[6] where developers inform whether they collect information about users and how they treat users' data. Pokki developers clearly state that they are interested in specific information:

Generally, our Services automatically collect usage information regarding the software, apps and services you use or have downloaded or installed from us, such as the frequency with which an app or Service has been clicked or opened, and how long an app or Service remains open. We also collect installation information, which may include information on whether certain apps or Services have been installed or uninstalled, and how long a Service has been installed or used on your system.

Though they claim that such information is used purely for statistical purposes, they also mention that third-parties which promote their content via Pokki app may also use tracking tools. Thus, they cannot be liable for what tools these parties use and how they manage collected information. In short, while using this app, you may notice more excessive advertising[7].

Negative effect on system's performance

Pokki update virus can also have a negative effect on Windows 8 and 10 performance. People noticed that right after the infiltration of this PUP, the system gets more sluggish and unresponsive. One of the reasons might be a high CPU usage by pokki.exe or HostAppServiceUpdater.exe files.

Besides, it may run multiple processes and cause slowdowns during the active phase of update downloading and installing. Sometimes, a prolonged Windows startup process can be noticed. That's because Pokki adware can change Windows startup and enable related components during startup. Thus, that's yet another reason why you should respond to your web browser's hijack and get rid of this app without a delay.

Distribution strategies used for spreading the program

Besides mentioned distribution method via freeware, you can also download the program from its official website. Additionally, this app might be promoted via sponsored domains. Pokki ads might be disguised. In other words, you might click on the link which does not indicate this program but redirects you to this domain.

In order to avoid installing similar programs, pay attention to the installation wizard. Despite what program you are about to install, optional add-ons may be promoted. In order to detect them, choose “Advanced” installation mode. Unmark irrelevant programs and continue proceeding further. Likewise, you will be able to prevent “Pokki hijack” and similar questionable tools.

Get rid of Pokki virus

You can remove Pokki manually via the Control Panel. If you still spot pokki.exe running in the Task Manager, you can scan the system with malware elimination tool. If you do not have one, install it as it will come in handy dealing with more elaborate threats.

After you complete Pokki removal, check the list of system apps. Additional programs may have been installed too. Uninstall them without any consideration. Moreover, you should look through browser extensions and remove unknown entries. Browser reset is also recommended to delete tracking cookies or other spying technologies.

What to do if failed?
If you failed to remove virus damage using Reimage, submit a question to our support team and provide as much details as possible.

Reimage is recommended to remove virus damage. Free scanner allows you to check whether your PC is infected or not. If you need to remove malware, you have to purchase the licensed version of Reimage malware removal tool.

Eliminate Pokki from Safari

We are offering REIMAGE to detect malware. You need to purchase Full version to remove infections. More information about Reimage, Uninstall, Terms and Privacy

Remove dangerous extensions
Open Safari web browser and click on Safari in menu at the top left of the screen. Once you do this, select Preferences.

Here, select Extensions and look for Pokki or other suspicious entries. Click on the Uninstall button to get rid each of them.

Reset Safari
Open Safari browser and click on Safari in menu section at the top left of the screen. Here, select Reset Safari....

Now you will see a detailed dialog window filled with reset options. All of those options are usually checked, but you can specify which of them you want to reset. Click the Reset button to complete Pokki removal process.